Using sockstat to look at open ports in FreeBSD

If you need to know what ports are open and listening on your FreeBSD servers, you can use a few commands.  Netstat -An used to me my goto command for pulling up a list of ports that are listening but it was always difficult to figure out what process or service had opened those ports.  Recently I discovered sockstat.  Sockstat is not a new utility, it has been around for a long time, I'm not sure why I never used it before.  
 

Convert Certificates from PFX to PEM

This artice shows how to extract all the certificates and key file from .pfx file using openssl and remove any password if required.

Let's Encrypt Certificate - Synology NAS Howto

I own a Synology NAS and it now supports the free certificates from Let's Encrypt.  The only problem with Synology's implimentation is that they only allow the web (HTTP-01) method of certificate verification.  This means that I have to map port 80 and 443 from my NAS and make it available to the Internet.  Yuch!   This is what I did to use Let's Encrypt and not open up and web ports to the internet.

 

Setup OpenVPN on FreeBSD 10.2

This acticle will go through the install and configuration to use FreeBSD as your OpenVPN server and how to create the client config files.

 

Adding a Second Drive

This article documents how to add a second drive to your FreeBSD system and format it as UFS.  If you have a system that allows hot-plugging (like the Dell line of servers) then this can be done live without shutting down the server.  If not, then you will have to shut down the server only to insert the drive.  In this article I am going to reference SCSI drive devices (da2) if you have SATA devices, then please not that the device ID will be different (ada2).  

 

NUT Client for VMWare ESXi

NUT is some great software for managing a UPS and notifiying all your client s to shutdown properly.  This document describes how to install a NUT client into ESXi 5 or 6 and have it shut down properly when there is a critical power outage.  The NUT client is integrated into the ESXi hypervisor and can be configured from the vSphere Client

 

Stop PHP files from executing.

If you are a maintainer of a websiter or CMS, don't always trust the built in security.  If the user can upload images or stories to the web site then a hacker may be able to upload script or code as well.  One easy way to mitigate this is to make sure that you do not allow scripts to execute by turning off PHP. 

 

What SSL protocols is a site using.

Wondering what SSL encryption and protocols a site is using.  Cipherscan is free and work well.  You can find it here: Cipherscan

 

Port or Package Installation Date

There are a number of times that I need to find out when a port or package was last upgraded or installed.  This comes in very handy every time I need to upgrade all my ports and I can't remember how far back I need to check in /usr/ports/UPDATING.